The present invention relates to a computer system that enables an unregistered party to obtain access to another party's stored confidential information, and more particularly, is directed to a computer system that authenticates an unregistered party to grant access to another party's stored confidential information.
As used herein and in the claims, confidential information means information associated with an individual that cannot be determined merely by looking at the individual. As used herein and in the claims, the terms “confidential information” and “personal information” are interchangeable.
A patient is sometimes brought to a hospital emergency room in an unconscious condition. Emergency room doctors do the best they can, but in many cases could do better if they had the medical history of the patient prior to commencing treatment. After treatment, if the patient is still unconscious and cannot be identified, Medicare usually pays for the unidentified patient to be in the hospital for a month, then the patient is transferred to nursing care. Meanwhile, the family and friends of the unidentified or misidentified patient have no idea what happened.
Even if patients are conscious and competent to answer questions appropriately, they may not know what medications they are receiving, and their answers can be vague. For instance, one of the inventors asked a patient for the name of his primary care physician, and was told, “He's a small Indian man.” This response was inadequate, although it was the best that the patient could do.
Moreover, the emergency room is a hectic place, and documents can easily be misplaced, particularly if the documents are being sent from one bureaucracy, such as a nursing home, to another bureaucracy, the hospital emergency room.
Accordingly, there is a need for emergency room doctors to have a better way of obtaining information about patients.
The U.S. government is promoting a “blue button”, www.healthit.gov/patients-families/blue-button/about-blue-button, to enable patients to download their own health records to their own computer.
ICEBlueButton, www.icebluebutton.com, allows a user to create an ICE (In Case of Emergency) record on their smartphone. When a user downloads the application (“app”) and launches it for the first time, the app asks the user to create an ICE record by tapping Add New Profile. The app presents a list of details to include:                Personal Details        Emergency Contacts        An Authorized Representative        Primary Physician        Insurance Details        Allergies        Immunizations        Medical Conditions        Implanted DevicesA picture can be added to the profile, allowing would-be rescuers to ensure that the ICE record they are viewing matches the person in need of help.        
The ICEBlueButton record data can also be auto-filled by extraction of Blue Button+ C-CDA data pushed to the Blue Button+enabled ICEBlueButton app by MU-2 or Blue Button+ compliant electronic medical records (EMRs). When more than one record is used to auto-fill the ICE record, the app aggregates data from the important clinical fields including medical conditions, medications and allergies.
The user then taps the Publish Profile button to send the newly created ICE record to a secure ICEBlueButton server. A quick response (QR) generated code (a two-dimensional black and white barcode that can be read by an imaging device) is stored within the phone's image gallery. The QR code can then be printed on stickers that can be applied to bike helmets, skateboards or backpacks; or on magnets that can be placed on a refrigerator. This QR-code can then be used as the phone's lock screen so that when the paramedic checks the phone of a patient in distress, they will scan the code and get a detailed history. In addition, when scanned, the app can send an email alert to emergency contacts, letting them know the name of the person whose code was scanned, and when and where (map location) the app was scanned.
A problem with ICEBlueButton is that anyone can scan the QR-code and get access to the patient's confidential medical information. Another problem is that the identity of the person obtaining the confidential medical information is unknown. This creates serious privacy concerns.
WO 2103020185, “Emergency contact device”, is similar to ICEBlueButton, in that anyone can scan the QR-code for a patient and get access to the patient's confidential information.
U.S. Patent Application Publication 2008/0126417, “Systems and methods for emergency services, medical and community response to critical incidents”, discloses checking the security level for a registered requestor of a patient's confidential information. However, if a requestor is unregistered, they cannot access the patient's information.
U.S. Pat. No. 6,874,085, “Medical records data security system”, partitions a medical record into personal and medical portions. Access requires knowing the appropriate encryption key. If a patient arrives in the emergency room in an unconscious or confused condition, their stored information is thus unavailable.
U.S. Pat. No. 7,905,417, “Blinded electronic medical records”, stores patient identification data and medical data in separate databases. Consolidators are permitted to transfer blinded (anonymous) medical data. This is not helpful for learning about an individual patient.
The Dossia Health Manager™, www.dossia.com, enables users to store and securely access their health information. However, access requires knowing the patient's user name and password.
None of the prior art known to the inventors properly balances the confidentiality of a patient's stored medical information with the urgent need to know of emergency personnel unregistered with the medical storage system.